VYPR

CWE-345

Insufficient Verification of Data Authenticity

ClassDraft

Description

The product does not sufficiently verify the origin or authenticity of data, in a way that causes it to accept invalid data.

Hierarchy (View 1000)

Related attack patterns (CAPEC)

CAPEC-111 · CAPEC-141 · CAPEC-142 · CAPEC-148 · CAPEC-218 · CAPEC-384 · CAPEC-385 · CAPEC-386 · CAPEC-387 · CAPEC-388 · CAPEC-665 · CAPEC-701

CVEs mapped to this weakness (306)

page 4 of 16
  • CVE-2017-14091HigDec 16, 2017
    risk 0.49cvss 7.5epss 0.01

    A vulnerability in Trend Micro ScanMail for Exchange 12.0 exists in which certain specific installations that utilize a uncommon feature - Other Update Sources - could be exploited to overwrite sensitive files in the ScanMail for Exchange directory.

  • CVE-2017-10624HigOct 13, 2017
    risk 0.49cvss 7.5epss 0.00

    Insufficient verification of node certificates in Juniper Networks Junos Space may allow a man-in-the-middle type of attacker to make unauthorized modifications to Space database or add nodes. Affected releases are Juniper Networks Junos Space all versions prior to 17.1R1.

  • CVE-2017-12972HigAug 20, 2017
    risk 0.49cvss 7.5epss 0.01

    In Nimbus JOSE+JWT before 4.39, there is no integer-overflow check when converting length values from bytes to bits, which allows attackers to conduct HMAC bypass attacks by shifting Additional Authenticated Data (AAD) and ciphertext so that different plaintext is obtained for…

  • CVE-2017-11379HigAug 1, 2017
    risk 0.49cvss 7.5epss 0.00

    Configuration and database backup archives are not signed or validated in Trend Micro Deep Discovery Director 1.1.

  • CVE-2017-11178HigJul 12, 2017
    risk 0.49cvss 7.5epss 0.01

    In FineCMS through 2017-07-11, application/core/controller/style.php allows remote attackers to write to arbitrary files via the contents and filename parameters in a route=style action. For example, this can be used to overwrite a .php file because the file extension is not…

  • CVE-2016-9450HigNov 25, 2016
    risk 0.49cvss 7.5epss 0.01

    The user password reset form in Drupal 8.x before 8.2.3 allows remote attackers to conduct cache poisoning attacks by leveraging failure to specify a correct cache context.

  • CVE-2016-3983HigApr 8, 2016
    risk 0.49cvss 7.5epss 0.01

    McAfee Advanced Threat Defense (ATD) before 3.4.8.178 might allow remote attackers to bypass malware detection by leveraging information about the parent process.

  • CVE-2016-1493HigJan 29, 2016
    risk 0.49cvss 7.5epss 0.01

    Intel Driver Update Utility before 2.4 retrieves driver updates in cleartext, which makes it easier for man-in-the-middle attackers to execute arbitrary code via a crafted file.

  • CVE-2025-27616HigMar 10, 2025
    risk 0.48cvss 8.5epss 0.00

    Vela is a Pipeline Automation (CI/CD) framework built on Linux container technology written in Golang. Prior to versions 0.25.3 and 0.26.3, by spoofing a webhook payload with a specific set of headers and body data, an attacker could transfer ownership of a repository and its…

  • CVE-2025-24903HigFeb 13, 2025
    risk 0.48cvss 8.5epss 0.00

    libsignal-service-rs is a Rust version of the libsignal-service-java library which implements the core functionality to communicate with Signal servers. Prior to commit 82d70f6720e762898f34ae76b0894b0297d9b2f8, any contact may forge a sync message, impersonating another device…

  • CVE-2025-9379HigAug 24, 2025
    risk 0.47cvss 7.2epss 0.00

    A vulnerability was determined in Belkin AX1800 1.1.00.016. Affected by this vulnerability is an unknown functionality of the component Firmware Update Handler. This manipulation causes insufficient verification of data authenticity. The attack can be initiated remotely. The…

  • CVE-2024-10237HigFeb 4, 2025
    risk 0.47cvss 7.2epss 0.00

    There is a vulnerability in the BMC firmware image authentication design at Supermicro MBD-X12DPG-OA6 . An attacker can modify the firmware to bypass BMC inspection and bypass the signature verification process

  • CVE-2024-30162HigJun 7, 2024
    risk 0.47cvss 7.2epss 0.01

    Invision Community through 4.7.16 allows remote code execution via the applications/core/modules/admin/editor/toolbar.php IPS\core\modules\admin\editor\_toolbar::addPlugin() method. This method handles uploaded ZIP files that are extracted into the…

  • CVE-2017-9606HigJun 15, 2017
    risk 0.47cvss 7.3epss 0.00

    Infotecs ViPNet Client and Coordinator before 4.3.2-42442 allow local users to gain privileges by placing a Trojan horse ViPNet update file in the update folder. The attack succeeds because of incorrect folder permissions in conjunction with a lack of integrity and authenticity…

  • CVE-2016-2309HigMay 30, 2016
    risk 0.47cvss 7.2epss 0.01

    iRZ RUH2 before 2b does not validate firmware patches, which allows remote authenticated users to modify data or cause a denial of service via unspecified vectors.

  • CVE-2026-45055HigMay 13, 2026
    risk 0.46cvss 8.1epss 0.00

    CubeCart is an ecommerce software solution. Prior to 6.7.2, CubeCart 6.6.x – 6.7.1 builds CC_STORE_URL directly from the Host request header at bootstrap, with no allowlist. The constant is embedded verbatim into transactional email links, most critically the password-reset…

  • CVE-2025-43865HigApr 25, 2025
    risk 0.46cvss 8.2epss 0.01

    React Router is a router for React. In versions on the 7.0 branch prior to version 7.5.2, it's possible to modify pre-rendered data by adding a header to the request. This allows to completely spoof its contents and modify all the values ​​of the data object passed to the…

  • CVE-2023-3325HigJun 20, 2023
    risk 0.46cvss 8.1epss 0.01

    The CMS Commander plugin for WordPress is vulnerable to authorization bypass due to the use of an insufficiently unique cryptographic signature on the 'cmsc_add_site' function in versions up to, and including, 2.287. This makes it possible for unauthenticated attackers to the…

  • CVE-2026-3012HigMay 27, 2026
    risk 0.45cvss 8.0epss 0.00

    A flaw was found in Samba’s certificate auto-enrollment Group Policy handling. When certificate auto-enrollment is enabled, Samba may retrieve a CA certificate over an unencrypted HTTP connection and install it into the local trust store without proper verification. An…

  • CVE-2025-12080MedOct 27, 2025
    risk 0.45cvss epss 0.00

    On Wear OS devices, when Google Messages is configured as the default SMS/MMS/RCS application, the handling of ACTION_SENDTO intents utilizing the sms:, smsto:, mms:, and mmsto: Uniform Resource Identifier (URI) schemes is incorrectly implemented. Due to this misconfiguration,…